package cn.t.keycloak.plugin.login.condition;

import cn.t.keycloak.plugin.login.AuthConstants;
import lombok.extern.slf4j.Slf4j;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.authenticators.conditional.ConditionalAuthenticator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;

import java.util.Objects;

/**
 * 自定义条件
 * @author 陶敏麒
 * @date 2023/11/29 15:59
 */
@Slf4j
public class SkipMfaConditionAuthenticator implements ConditionalAuthenticator {

    public static final SkipMfaConditionAuthenticator INSTANCE = new SkipMfaConditionAuthenticator();
    @Override
    public boolean matchCondition(AuthenticationFlowContext context) {
        var res = Objects.equals(context.getAuthenticationSession().getAuthNote(AuthConstants.SKIP_SMS_MFA), "1");
        log.info("[条件验证]是否跳过后续处理:{}", res);
        return !res;
    }

    @Override
    public void action(AuthenticationFlowContext authenticationFlowContext) {

    }

    @Override
    public boolean requiresUser() {
        return true;
    }

    @Override
    public void setRequiredActions(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {

    }

    @Override
    public void close() {

    }
}
